ventoxcfx.click - robtex.com

ventoxcfx.click

DNSSEC⚠️ Not signed
A2600:1900:4001:96e:8000:1:45de:ee64πŸ‡ΊπŸ‡Έ Google2600:1900:4000::/44
A34.41.139.193πŸ‡ΊπŸ‡Έ Google34.41.0.0/16
NSns1.hwrn.net ⭐
A2600:1900:4000:cb7c:8000::πŸ‡ΊπŸ‡Έ Google2600:1900:4000::/44
A2600:1900:4061:58e:8000::πŸ‡³πŸ‡± Google2600:1900:4060::/44
A2600:1900:4081:2f2:8000::πŸ‡ΈπŸ‡¬ Google2600:1900:4080::/44
A34.32.207.228πŸ‡³πŸ‡± Google34.32.128.0/17
PTR228.207.32.34.bc.googleusercontent.com
A34.46.191.171πŸ‡ΊπŸ‡Έ Google34.46.0.0/16
PTR171.191.46.34.bc.googleusercontent.com
A35.187.247.195πŸ‡ΈπŸ‡¬ Google35.187.240.0/20
PTR195.247.187.35.bc.googleusercontent.com
NSns2.hwrn.net
A2600:1900:4000:cb7c:8000:4::πŸ‡ΊπŸ‡Έ Google2600:1900:4000::/44
A2600:1900:4061:58e:8000:4::πŸ‡³πŸ‡± Google2600:1900:4060::/44
A2600:1900:4081:2f2:8000:4::πŸ‡ΈπŸ‡¬ Google2600:1900:4080::/44
A34.124.162.145πŸ‡ΈπŸ‡¬ Google34.124.160.0/20
PTR145.162.124.34.bc.googleusercontent.com
A34.136.0.93πŸ‡ΊπŸ‡Έ Google34.136.0.0/20
PTR93.0.136.34.bc.googleusercontent.com
A34.147.11.210πŸ‡³πŸ‡± Google34.147.0.0/20
PTR210.11.147.34.bc.googleusercontent.com
MXmx1.csof.net ⭐
A46.4.12.146πŸ‡©πŸ‡ͺ Hetzner46.4.0.0/16 HETZNER-RZ-FKS-BLK3
PTRstatic.146.12.4.46.clients.your-server.de
MXmx2.csof.net ⭐
A46.4.10.173πŸ‡©πŸ‡ͺ Hetzner46.4.0.0/16 HETZNER-RZ-FKS-BLK3
PTRstatic.173.10.4.46.clients.your-server.de
TXTv=spf1 include:_incspfcheck.mailspike.net -all
SOAns1.hwrn.nethostmaster@hwrn.net 2026-04-25 #2

click

DNSSECπŸ”’ Signed (DS record present)
NSns01.trs-dns.com ⭐
NSns.trs-dns.com
NSns01.trs-dns.net
NSns10.trs-dns.info
NSns10.trs-dns.org
SOAns.trs-dns.comtrs-ops@tucows.com serial=1777130599
⚠️ On DNS blocklist: tif

Subdomains

botnet.ventoxcfx.click

Same first word

ventoxcfx.click

DNS History

6 records (6 active, 0 former)

NSns1.hwrn.netns2.hwrn.netMXmx1.csof.netmx2.csof.netA2600:1900:4001:96e:8000:1:45de:ee6434.41.139.193
●NSns1.hwrn.net2026-03-19 β†’ 2026-04-25 Β· 2 obs
● 2026-03-19 01:11:58
● 2026-04-25 15:55:08
●NSns2.hwrn.net2026-03-19 β†’ 2026-04-25 Β· 2 obs
● 2026-03-19 01:11:58
● 2026-04-25 15:55:08
●MXmx1.csof.net2026-03-19 β†’ 2026-04-25 Β· 2 obs
● 2026-03-19 01:11:58
● 2026-04-25 15:55:08
●MXmx2.csof.net2026-03-19 β†’ 2026-04-25 Β· 2 obs
● 2026-03-19 01:11:58
● 2026-04-25 15:55:08
●A2600:1900:4001:96e:8000:1:45de:ee642026-03-19 β†’ 2026-04-25 Β· 2 obs
● 2026-03-19 01:11:58
● 2026-04-25 15:55:08
●A34.41.139.1932026-03-19 β†’ 2026-04-25 Β· 2 obs
● 2026-03-19 01:11:58
● 2026-04-25 15:55:08

πŸ” DNS Trace

πŸ“‹ Delegation Chain

ZoneNameserversGlue
clickns01.trs-dns.com, ns01.trs-dns.net, ns10.trs-dns.org, ns10.trs-dns.info-
ventoxcfx.clickns2.hwrn.net, ns1.hwrn.net-

βœ… Authoritative Response

Server:34.147.11.210

NS records: ns2.hwrn.net, ns1.hwrn.net

πŸ”’ DNSSEC Status

⚠️ Insecure (no DNSSEC)

No DS record for ventoxcfx.click (unsigned zone)

⏱️ Timing

Total: 719ms | Queries: -

πŸ“„ Records

TypeCountSample Data
A134.41.139.193
AAAA12600:1900:4001:96e:8000:1:45de:ee64
NS2ns1.hwrn.net, ns2.hwrn.net
MX2mx1.csof.net (pri: 10), mx2.csof.net (pri: 10)
TXT1v=spf1 include:_incspfcheck.mailspike.ne
SOA1ns1.hwrn.net hostmaster.hwrn.net

Analysis

Hierarchy

ventoxcfx.click is parent of botnet.ventoxcfx.click.

IP Addresses

ventoxcfx.click points to two IP numbers: 2600:1900:4001:96e:8000:1:45de:ee64 and 34.41.139.193.

Other host names, for instance weqwinh.fburl.fun, 216-195-74-201.cncndc.net, lusus.virosat.ru, a84.ip.northtic.com and totty.dedspac.ru share IP numbers with ventoxcfx.click.

Name Servers

ventoxcfx.click's delegation is to two name servers ns1.hwrn.net and ns2.hwrn.net.

ventoxcfx.click shares the same name server configuration as other domains, such as doody.dedspac.ru, bache.virosat.ru, gown.amaniwa.ru, 67-208-145-252.cncndc.net and static-175.165.93.111-tataidc.co.in.

Host names with six IP numbers:

ns1.hwrn.net points to: 2600:1900:4000:cb7c:8000::, 2600:1900:4061:58e:8000::, 2600:1900:4081:2f2:8000::, 34.32.207.228, 34.46.191.171 and 35.187.247.195.

ns2.hwrn.net points to: 2600:1900:4000:cb7c:8000:4::, 2600:1900:4061:58e:8000:4::, 2600:1900:4081:2f2:8000:4::, 34.124.162.145, 34.136.0.93 and 34.147.11.210.

Mail Servers

Two mail servers mx1.csof.net and mx2.csof.net handle ventoxcfx.click.

ventoxcfx.click uses the same mail server setup as other domains such as thebesttime.buzz, 106-251-30-217.tatintel.com, gwzcqnnbd40.qwo231sdx.club, ywv0o92viok8kre53f65hpue.qwo231sdx.club and moxiecolo.com.

Host names with a single IP:

mx1.csof.net resolves to 46.4.12.146.

mx2.csof.net resolves to 46.4.10.173.